There is a file in "conf/tomcat-users.xml" that contains:
Username and passwords.
Authorization roles.
User/Role Associations.
Just add entries to this file and restart Tomcat.
An example:
<tomcat-users> <role rolename="tomcat"/> <role rolename="eventuser"/> <role rolename="manager"/> <role rolename="admin"/> <user username="jimmy" password="jimmy" roles="eventuser"/> <user username="tomcat" password="tomcat" roles="tomcat"/> <user username="admin" password="admin" roles="admin,manager"/> </tomcat-users>
The password can be encrypted (see next slide).